My reading list 9/3/2014 - The NSA goes to court, Jennifer Lawrence is still naked but Apple says it's not their fault, and the IRS wants to tax your food

Physics is the most fundamental and all-inclusive of the
sciences, and has had a profound effect on all scientific development.
In fact, physics is the present-day equivalent of what used to be called
natural philosophy, from which most of our modern sciences arose.
Students of many fields find themselves studying physics because of the
basic role it plays in all phenomena.

The recent push to tax catered meals is a "national directive by senior officials," according to the Wall Street Journal.
In the eyes of both IRS agents and tax professionals, company-provided
meals are a fringe benefit, just like the use of a company car for
personal purposes.

However, Silicon Valley firms are already pushing back against the tax, and the issue is expected to end up in court.

Because the IRS isn't hated enough... You have to wonder where they find these assholes making these decisions.

Senior Judge Robert Sack asked if the prudent thing might not be to
wait. "Might we not say—great, we agree with you, but there's other
litigation going on," he said. "We want to let the Supreme Court have a
kick at the ball. Does it make sense to say, here are our views—and then
wait until the DC Circuit speaks, and the Supreme Court has an
opportunity to speak? Before actually making an order, an
injunction? Suppose we're wrong, and someone blows up a subway train?"

Reading the article, it didn't seem particularly positive for the ACLU, but Ars Technica maintains that the judges didn't indicate any leanings one way or the other.

The bulk of “Bleeding Edge” is set in New York City during the months
between the dotcom crash and the September 11 attacks. This imbues the
novel with an eerie sense of dramatic irony — people know things are
bad, but they have no idea how bad things will get. So your startup
failed? No big deal, get a job on Wall Street or even suffer at a
cubicle farm until the investment climate improves. And even if you’re
unemployed it’s not as if we’re at war or anything… It’s the
same vibe struck by those early powerful episodes of “The Sopranos”
which took place around the same time: “Things aren’t great, but they’ll
get better. Right? RIGHT?”

Tried to read the book. Couldn't get into it, but maybe I will try again. I kind of doubt it though, it seems to be aimed at the sensitive socially aware type (Social Justice Warriors as Larry Correia calls them) and frankly I don't really need the lecture yet again.

Wired - A Google Site Meant to Protect You Is Helping Hackers Attack You

It’s long been suspected that hackers and
nation-state spies are using Google’s antivirus site to test their tools
before unleashing them on victims. Now Brandon Dixon, an independent security researcher,
has caught them in the act, tracking several high-profile hacking
groups—including, surprisingly, two well-known nation-state teams—as
they used VirusTotal to hone their code and develop their tradecraft.

Apple accounts seem particularly vulnerable because of the recovery
process, password requirements and ability to detect if an email address
has an associated iCloud account. The recovery process is broken up
into steps and will fail at each point. While Apple do not reveal if an
email address is a valid iCloud address as part of the recovery process,
they do reveal if it is valid or not if you attempt to sign up a new account using the same email
– so verification (or brute force attempts) are simple. The second step
is verifying the date of birth and it will pass or fail based on that
data alone so can be guessed, while the last step is the two security
questions. It would be a good idea for Apple to kill the interface on
signup that shows new users if their email account is available to use
as an iCloud account or not. It would also be a good idea to make the
recovery process one big step where all data is validated at once and
the user is not given a specific error message. It would also be wise to
attach rate limits and strict lockout on this process on a per-account
basis.

Being able to POST an email address to https://appleid.apple.com/account/validation/appleid and getting back a response indicating if it is a valid account or not, with little to no rate limiting, is a bug.

This has been an ongoing issue for a long time. From what I have seen it appears Apple is attempting to shift the blame to the victims, but even if they did everything right Apple's process still made them vulnerable. That is a problem.
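
The three fixes suggested in the excerpt above (validate everything in one step, return one generic error, rate-limit and lock out per account), as an added example that is not from the quoted article or from Apple. The account store, thresholds and function names are assumptions made for illustration.

```python
import hmac
import time

MAX_FAILURES = 5        # assumed lockout threshold
LOCKOUT_SECONDS = 900   # assumed lockout window
GENERIC_ERROR = "The information provided could not be verified."

# Constructed sample data; a real store would hold hashed answers.
ACCOUNTS = {
    "alice@example.com": {"dob": "1990-01-31", "answers": ("rex", "springfield")},
}
# Unknown addresses are checked against this record so they take the same path.
_DUMMY = {"dob": "0000-00-00", "answers": ("", "")}
_failures = {}  # email -> (failure count, time of first failure in window)


def _eq(a, b):
    """Constant-time comparison, so timing does not show which field failed."""
    return hmac.compare_digest(a.encode(), b.encode())


def recover(email, dob, answers, now=None):
    """Validate email, date of birth and answers together; never say which failed."""
    now = time.time() if now is None else now
    key = email.strip().lower()
    count, since = _failures.get(key, (0, now))
    if now - since > LOCKOUT_SECONDS:      # window expired, start counting again
        count, since = 0, now
    if count >= MAX_FAILURES:              # locked out: same message as any failure
        return False, GENERIC_ERROR

    record = ACCOUNTS.get(key, _DUMMY)
    ok = key in ACCOUNTS
    ok &= _eq(dob, record["dob"])
    ok &= len(answers) == len(record["answers"])
    for given, expected in zip(answers, record["answers"]):
        ok &= _eq(given.strip().lower(), expected)

    if ok:
        _failures.pop(key, None)
        return True, "Recovery link sent."
    # Failures are counted per address, whether or not the account exists,
    # so lockout behaviour does not reveal which addresses are registered.
    _failures[key] = (count + 1, since)
    return False, GENERIC_ERROR
```
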
